Lucene search
K

171 matches found

Snyk
Snyk
added 2026/05/18 3:31 p.m.14 views

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 3:31 p.m.10 views

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 3:31 p.m.11 views

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 3:31 p.m.9 views

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 3:31 p.m.10 views

Integer Underflow (Wrap or Wraparound)

Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the IPTC encoder. An attacker can access sensitive information or cause a partial denial of service by providing a specially crafted input file that triggers an out-of-bounds read. Remediation A f...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 3:31 p.m.14 views

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 3:31 p.m.12 views

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 3:31 p.m.10 views

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/18 3:31 p.m.73 views

ImageMagick: Heap Buffer Over-Read in IPTC encoder

When writing an IPTC output file a malicious input file could cause an out of bounds read of a single byte...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3Affected Software18
OSV
OSV
added 2026/04/14 11:56 a.m.9 views

CLSA-2026-1776167812 ImageMagick: Fix of 5 CVEs

CVE-2025-53019: fix memory leak in StreamImage with multiple %d in filename template - CVE-2025-55212: fix division-by-zero in ThumbnailImage via zero-dimension geometry - CVE-2026-25795: fix NULL dereference in ReadSFWImage on temp file failure - CVE-2026-25799: fix division-by-zero in YUV...

7.5CVSS6.7AI score0.00851EPSS
Exploits1References1
OSV
OSV
added 2026/04/14 11:39 a.m.15 views

CLSA-2026-1776166754 ImageMagick: Fix of 5 CVEs

CVE-2025-53019: fix memory leak in StreamImage with multiple %d in filename template - CVE-2025-55212: fix division-by-zero in ThumbnailImage via zero-dimension geometry - CVE-2026-25795: fix NULL dereference in ReadSFWImage on temp file failure - CVE-2026-25799: fix division-by-zero in YUV...

7.5CVSS6.7AI score0.00851EPSS
Exploits1References1
OSV
OSV
added 2026/03/12 9:46 a.m.8 views

CLSA-2026-1773308764 Fix CVE(s): CVE-2026-25796, CVE-2026-25798, CVE-2026-25799, CVE-2026-26066

SECURITY UPDATE: denial-of-service via division-by-zero in image loading - debian/patches/CVE-2026-25799.patch: Fix sampling-factor validation by replacing incorrect AND with OR in horizontal/vertical axis checks and prevent acceptance of invalid sampling caused by flawed boolean logic. -...

7.5CVSS6.7AI score0.00429EPSS
Exploits0References1
OSV
OSV
added 2026/03/11 10:44 a.m.9 views

CLSA-2026-1773225871 Fix CVE(s): CVE-2026-25796, CVE-2026-25798, CVE-2026-25799, CVE-2026-26066

SECURITY UPDATE: division-by-zero during image loading resulting in reliable denial-of-service - debian/patches/CVE-2026-25799.patch: Fix sampling-factor validation by replacing && with || so invalid horizontal or vertical factors trigger an error; cause: incorrect boolean expression required bot...

7.5CVSS6.5AI score0.00429EPSS
Exploits0References1
OSV
OSV
added 2026/03/04 10:13 a.m.10 views

CLSA-2026-1772619215 Fix CVE(s): CVE-2026-25798, CVE-2026-25799, CVE-2026-26066

SECURITY UPDATE: integer overflow in pixel cache allocation - debian/patches/CVE-2026-25798.patch: add CacheOverflowSanityCheckGetSize to detect overflow in numberpixelspacketsize in OpenPixelCache - CVE-2026-25798 SECURITY UPDATE: infinite loop in IPTC metadata processing -...

7.5CVSS6.7AI score0.00429EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/24 6:35 a.m.5 views

CVE-2026-26066

A flaw was found in ImageMagick. A local attacker could provide a crafted image profile containing invalid IPTC International Press Telecommunications Council data. When ImageMagick attempts to write this data using the IPTCTEXT function, it may lead to an infinite loop, resulting in a Denial of...

7.5CVSS5.4AI score0.00327EPSS
Exploits0References4
NVD
NVD
added 2026/02/24 3:16 a.m.7 views

CVE-2026-26066

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted profile contain invalid IPTC data may cause an infinite loop when writing it with IPTCTEXT. Versions 7.1.2-15 and 6.9.13-40 contain a patch...

7.5CVSS0.00327EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/24 1:52 a.m.26 views

CVE-2026-26066 ImageMagick has infinite loop when writing IPTCTEXT leads to denial of service via crafted profile

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted profile contain invalid IPTC data may cause an infinite loop when writing it with IPTCTEXT. Versions 7.1.2-15 and 6.9.13-40 contain a patch...

6.2CVSS0.00327EPSS
Exploits0References1
Snyk
Snyk
added 2026/02/24 1:52 a.m.4 views

Infinite loop

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

7.5CVSS6AI score0.00327EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:52 a.m.8 views

Infinite loop

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

7.5CVSS6AI score0.00327EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:52 a.m.4 views

Infinite loop

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

7.5CVSS6AI score0.00327EPSS
Exploits0References2
Rows per page
Query Builder